mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-22 21:21:42 +00:00
Merge branch 'dev' of https://github.com/Neilpang/acme.sh into dev
This commit is contained in:
commit
fb749dc526
38
acme.sh
38
acme.sh
@ -1006,10 +1006,20 @@ _createkey() {
|
|||||||
|
|
||||||
if _isEccKey "$length"; then
|
if _isEccKey "$length"; then
|
||||||
_debug "Using ec name: $eccname"
|
_debug "Using ec name: $eccname"
|
||||||
${ACME_OPENSSL_BIN:-openssl} ecparam -name "$eccname" -genkey 2>/dev/null >"$f"
|
if _opkey="$(${ACME_OPENSSL_BIN:-openssl} ecparam -name "$eccname" -genkey 2>/dev/null)"; then
|
||||||
|
echo "$_opkey" >"$f"
|
||||||
|
else
|
||||||
|
_err "error ecc key name: $eccname"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
_debug "Using RSA: $length"
|
_debug "Using RSA: $length"
|
||||||
${ACME_OPENSSL_BIN:-openssl} genrsa "$length" 2>/dev/null >"$f"
|
if _opkey="$(${ACME_OPENSSL_BIN:-openssl} genrsa "$length" 2>/dev/null)"; then
|
||||||
|
echo "$_opkey" >"$f"
|
||||||
|
else
|
||||||
|
_err "error rsa key: $length"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$?" != "0" ]; then
|
if [ "$?" != "0" ]; then
|
||||||
@ -1312,13 +1322,19 @@ _create_account_key() {
|
|||||||
_initpath
|
_initpath
|
||||||
|
|
||||||
mkdir -p "$CA_DIR"
|
mkdir -p "$CA_DIR"
|
||||||
if [ -f "$ACCOUNT_KEY_PATH" ]; then
|
if [ -s "$ACCOUNT_KEY_PATH" ]; then
|
||||||
_info "Account key exists, skip"
|
_info "Account key exists, skip"
|
||||||
return
|
return 0
|
||||||
else
|
else
|
||||||
#generate account key
|
#generate account key
|
||||||
_createkey "$length" "$ACCOUNT_KEY_PATH"
|
if _createkey "$length" "$ACCOUNT_KEY_PATH"; then
|
||||||
chmod 600 "$ACCOUNT_KEY_PATH"
|
chmod 600 "$ACCOUNT_KEY_PATH"
|
||||||
|
_info "Create account key ok."
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err "Create account key error."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -1341,11 +1357,14 @@ createDomainKey() {
|
|||||||
|
|
||||||
_initpath "$domain" "$_cdl"
|
_initpath "$domain" "$_cdl"
|
||||||
|
|
||||||
if [ ! -f "$CERT_KEY_PATH" ] || ([ "$FORCE" ] && ! [ "$IS_RENEW" ]) || [ "$Le_ForceNewDomainKey" = "1" ]; then
|
if [ ! -f "$CERT_KEY_PATH" ] || [ ! -s "$CERT_KEY_PATH" ] || ([ "$FORCE" ] && ! [ "$IS_RENEW" ]) || [ "$Le_ForceNewDomainKey" = "1" ]; then
|
||||||
if _createkey "$_cdl" "$CERT_KEY_PATH"; then
|
if _createkey "$_cdl" "$CERT_KEY_PATH"; then
|
||||||
_savedomainconf Le_Keylength "$_cdl"
|
_savedomainconf Le_Keylength "$_cdl"
|
||||||
_info "The domain key is here: $(__green $CERT_KEY_PATH)"
|
_info "The domain key is here: $(__green $CERT_KEY_PATH)"
|
||||||
return 0
|
return 0
|
||||||
|
else
|
||||||
|
_err "Can not domain key"
|
||||||
|
return 1
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
if [ "$IS_RENEW" ]; then
|
if [ "$IS_RENEW" ]; then
|
||||||
@ -5795,6 +5814,7 @@ Parameters:
|
|||||||
--ca-bundle Specifies the path to the CA certificate bundle to verify api server's certificate.
|
--ca-bundle Specifies the path to the CA certificate bundle to verify api server's certificate.
|
||||||
--ca-path Specifies directory containing CA certificates in PEM format, used by wget or curl.
|
--ca-path Specifies directory containing CA certificates in PEM format, used by wget or curl.
|
||||||
--nocron Only valid for '--install' command, which means: do not install the default cron job. In this case, the certs will not be renewed automatically.
|
--nocron Only valid for '--install' command, which means: do not install the default cron job. In this case, the certs will not be renewed automatically.
|
||||||
|
--noprofile Only valid for '--install' command, which means: do not install aliases to user profile.
|
||||||
--no-color Do not output color text.
|
--no-color Do not output color text.
|
||||||
--force-color Force output of color text. Useful for non-interactive use with the aha tool for HTML E-Mails.
|
--force-color Force output of color text. Useful for non-interactive use with the aha tool for HTML E-Mails.
|
||||||
--ecc Specifies to use the ECC cert. Valid for '--install-cert', '--renew', '--revoke', '--toPkcs' and '--createCSR'
|
--ecc Specifies to use the ECC cert. Valid for '--install-cert', '--renew', '--revoke', '--toPkcs' and '--createCSR'
|
||||||
@ -5928,6 +5948,7 @@ _process() {
|
|||||||
_ca_bundle=""
|
_ca_bundle=""
|
||||||
_ca_path=""
|
_ca_path=""
|
||||||
_nocron=""
|
_nocron=""
|
||||||
|
_noprofile=""
|
||||||
_ecc=""
|
_ecc=""
|
||||||
_csr=""
|
_csr=""
|
||||||
_pre_hook=""
|
_pre_hook=""
|
||||||
@ -6272,6 +6293,9 @@ _process() {
|
|||||||
--nocron)
|
--nocron)
|
||||||
_nocron="1"
|
_nocron="1"
|
||||||
;;
|
;;
|
||||||
|
--noprofile)
|
||||||
|
_noprofile="1"
|
||||||
|
;;
|
||||||
--no-color)
|
--no-color)
|
||||||
export ACME_NO_COLOR=1
|
export ACME_NO_COLOR=1
|
||||||
;;
|
;;
|
||||||
@ -6430,7 +6454,7 @@ _process() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
case "${_CMD}" in
|
case "${_CMD}" in
|
||||||
install) install "$_nocron" "$_confighome" ;;
|
install) install "$_nocron" "$_confighome" "$_noprofile" ;;
|
||||||
uninstall) uninstall "$_nocron" ;;
|
uninstall) uninstall "$_nocron" ;;
|
||||||
upgrade) upgrade ;;
|
upgrade) upgrade ;;
|
||||||
issue)
|
issue)
|
||||||
|
Loading…
Reference in New Issue
Block a user